Howdy, new to the forum and desperate for some help.
I am having trouble using session cookies with web browsers based on WebKit, specifically Safari, iPhone and Android (although it seems to work on Chrome).
I am targetting this discussion to Safari (on Windows), because I do not have any tools to intercept the iPhone or G1 Android requests/responses.
Our website is all https and it seems to play a part in this.
I setup a proxy to watch what is happening between the server and the browser.
When the user brings up our login screen enters the username and password, we issue a cookie that identifies the session. Then we issue an html response that does a meta refresh to another url, also on our domain. The browser does not issue the cookie back to us so we cannot establish session.
Here is what we sent out as a response to the login screen:
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Thu, 23 Oct 2008 13:53:51 GMT Content-type: text/html; charset=ISO-8859-1 Set-cookie: ePN_SID_main=20081023085351_135131; domain=eprocessingnetwork.com; path=/rsc/; secure Transfer-encoding: chunked <HTML> <HEAD> <META http-equiv="refresh" content="0; URL=https://www.eprocessingnetwork.com/rsc/index.pl"> </HEAD> </HTML>
GET /rsc/index.pl HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Version/3.1.2 Safari/525.21 Accept-Encoding: gzip, deflate Referer: https://www.eProcessingNetwork.com/rsc/index.pl Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-US Connection: keep-alive Proxy-Connection: keep-alive Host: www.eprocessingnetwork.com
Now this is the settings for Safari
Here is what the cookies look like:
If I make a change in the preferences from "Only from sites you navigate to" to "Always" it works.
This shows me that there is a problem with this cookie, but for the life of me I and my colleagues cannot figure out what it its.
Do you see any problem with this cookie and the way it is formatted?